General

  • Target

    e831ad7bcce112cfdd163e2106862f50_NEIKI

  • Size

    362KB

  • Sample

    240509-ell6facd78

  • MD5

    e831ad7bcce112cfdd163e2106862f50

  • SHA1

    73abdcfcd10d42bb0512c8b34eb99b4b0cfbb79f

  • SHA256

    8d40cfff3f8e192b2271a702a3aebbd0ff9a45536a8df7396bd975967999740d

  • SHA512

    85861d1715a039f45481e70bf0a9199278eebb930becb054fe8fda2236eaa7334e9f0405625eafdf0a3d202f9ab89a8d54c27371ef7a46ec2feba2818e11c0ab

  • SSDEEP

    6144:wqmAEStGDuMEUrQVad7nG3mbDp2o+SsmiMyhtHEyr5psPc1aj8DOvlvuZxriEldJ:NBtmuMtrQ07nGWxWSsmiMyh95r5OPGa6

Targets

    • Adds autorun key to be loaded by Explorer.exe on startup

    • Malware Dropper & Backdoor - Berbew

      Berbew is a backdoor Trojan malware with capabilities to download and install a range of additional malicious software, such as other Trojans, ransomware, and cryptominers.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
